Krosebrook
diff --git a/‎src/components/common/ProtectedRoute.jsx‎
Lines changed: 44 additions & 10 deletions b/‎src/components/common/ProtectedRoute.jsx‎
Lines changed: 44 additions & 10 deletions
@@ -1,8 +1,9 @@
-import { useUserData } from '../hooks/useUserData.jsx';
+import { useEffect, useState } from 'react';
+import { base44 } from '@/api/base44Client';
 import LoadingSpinner from './LoadingSpinner';
 
 /**
- * ProtectedRoute wrapper for role-based access control
+ * ProtectedRoute wrapper with auth check and returnTo support
  * 
  * @param {boolean} requireAdmin - Only admins can access
  * @param {boolean} requireFacilitator - Facilitators and admins can access
@@ -14,15 +15,48 @@ export default function ProtectedRoute({
   requireFacilitator = false,
   requireParticipant = false
 }) {
-  const { user, loading } = useUserData(
-    true, 
-    requireAdmin, 
-    requireFacilitator, 
-    requireParticipant
-  );
+  const [user, setUser] = useState(null);
+  const [loading, setLoading] = useState(true);
 
-  if (loading || !user) {
-    return <LoadingSpinner className="min-h-[60vh]" message="Loading..." />;
+  useEffect(() => {
+    const checkAuth = async () => {
+      try {
+        const currentUser = await base44.auth.me();
+        
+        // Check role requirements
+        if (requireAdmin && currentUser.role !== 'admin') {
+          window.location.href = '/Dashboard';
+          return;
+        }
+        
+        if (requireFacilitator && !['admin', 'facilitator'].includes(currentUser.role) && currentUser.user_type !== 'facilitator') {
+          window.location.href = '/ParticipantPortal';
+          return;
+        }
+        
+        if (requireParticipant && (currentUser.role === 'admin' || currentUser.user_type === 'facilitator')) {
+          window.location.href = '/Dashboard';
+          return;
+        }
+        
+        setUser(currentUser);
+        setLoading(false);
+      } catch (error) {
+        // Not authenticated - redirect to login with return URL
+        const returnTo = encodeURIComponent(window.location.pathname + window.location.search);
+        base44.auth.redirectToLogin(`?returnTo=${returnTo}`);
+      }
+    };
+
+    checkAuth();
+  }, [requireAdmin, requireFacilitator, requireParticipant]);
+
+  if (loading) {
+    return <LoadingSpinner className="min-h-[60vh]" message="Authenticating..." />;
+  }
+
+  if (!user) {
+    return null;
   }
 
   return <>{children}</>;